feat(auth): 集成BCrypt密码加密与错误码扩展

pom.xml

@@ -220,6 +220,12 @@
             <artifactId>commons-pool2</artifactId>
         </dependency>
 
+        <!--   仅用作密码加密     -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+
         <!-- 添加Hibernate Validator作为Bean Validation提供程序 -->
         <dependency>
             <groupId>org.hibernate.validator</groupId>

src/main/java/com/yolo/keyborad/common/ErrorCode.java

@@ -29,7 +29,8 @@ public enum ErrorCode {
     TOKEN_NO_PREFIX(40109, "未按照指定前缀提交令牌"),
     FILE_NAME_ERROR(40002, "文件名错误"),
     USER_NOT_FOUND(40401, "用户不存在"),
-    USER_INFO_UPDATE_FAILED(50002, "用户信息更新失败");
+    USER_INFO_UPDATE_FAILED(50002, "用户信息更新失败"),
+    PASSWORD_OR_MAIL_ERROR(50003,"密码或邮箱错误" );
     /**
      * 状态码
      */

src/main/java/com/yolo/keyborad/config/SecurityConfig.java

@@ -0,0 +1,16 @@
+package com.yolo.keyborad.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class SecurityConfig {
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        // strength（cost）默认 10，够用了；可以视情况调高，比如 12
+        return new BCryptPasswordEncoder();
+    }
+}

src/main/java/com/yolo/keyborad/service/impl/UserServiceImpl.java

@@ -17,6 +17,7 @@ import com.yolo.keyborad.model.vo.user.KeyboardUserRespVO;
 import com.yolo.keyborad.service.UserService;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
 
 /*
@@ -30,13 +31,15 @@ public class UserServiceImpl extends ServiceImpl<KeyboardUserMapper, KeyboardUse
     @Resource
     private KeyboardUserMapper keyboardUserMapper;
 
+    @Resource
+    private BCryptPasswordEncoder bCryptPasswordEncoder;
+
     @Override
     public KeyboardUser selectUserWithSubjectId(String sub) {
-        KeyboardUser keyboardUser = keyboardUserMapper.selectOne(
+        return keyboardUserMapper.selectOne(
                 new LambdaQueryWrapper<KeyboardUser>()
                 .eq(KeyboardUser::getSubjectId, sub)
                 .eq(KeyboardUser::getStatus, false));
-        return keyboardUser;
     }
 
     @Override
@@ -51,6 +54,7 @@ public class UserServiceImpl extends ServiceImpl<KeyboardUserMapper, KeyboardUse
 
     @Override
     public KeyboardUserRespVO login(UserLoginDTO userLoginDTO) {
+        userLoginDTO.setPassword(userLoginDTO.getPassword());
         KeyboardUser keyboardUser = keyboardUserMapper.selectOne(
                 new LambdaQueryWrapper<KeyboardUser>()
                         .eq(KeyboardUser::getEmail, userLoginDTO.getMail())
@@ -59,6 +63,9 @@ public class UserServiceImpl extends ServiceImpl<KeyboardUserMapper, KeyboardUse
         if (keyboardUser == null) {
             throw new BusinessException(ErrorCode.USER_NOT_FOUND);
         }
+        if (!bCryptPasswordEncoder.matches(userLoginDTO.getPassword(), keyboardUser.getPassword())) {
+            throw new BusinessException(ErrorCode.PASSWORD_OR_MAIL_ERROR);
+        }
         StpUtil.login(keyboardUser.getId());
         KeyboardUserRespVO keyboardUserRespVO = BeanUtil.copyProperties(keyboardUser, KeyboardUserRespVO.class);
         keyboardUserRespVO.setToken(StpUtil.getTokenValue());